How secure will be this configuration?

***ammo*** · May 18th, 2005, 01:56 AM

You might want to give utilities such as this one http://www.eltima.com/products/application-as-service/
that wrap programs and run them as a service...

You might also possibly be able to run the app as another user through the scheduler...

These are all rather ugly hack solutions, but then again, so is the app..!

Ammo

PS: Otherwise, a wise man once told me, while asking about a simililar situation "You are phecked, thus place the blame elswhere!"*

*You can search the archives for it!

**nihil** · May 18th, 2005, 02:41 PM

Sorry cacosapo but it really seems like you are between "a rock and a hard place" or "the devil and the deep blue sea" on this one.

All I can suggest is take your money and run

or..............

Get in a team of wandering spiders...........you should have a plentiful local supply?..........maybe a team of Sydney Funnel Webs as backup? (you want males, one of the few spiders where the male is larger and more dangerous than the female) What I am basically saying is that without physical security, system security is academic.

Unfortunately you have too many unknowns to solve the equation.

Good luck

**ss2chef** · May 18th, 2005, 03:07 PM

Is this a situation where you may have over promised and can't deliver?

There is NEVER a reason to create extraneous liabilities for yourself.

Part of your job/responsibility is to level with your client about the realities you have explained to us.

When you manage risk, I don't think it is realistic or smart to sign your name with absolutes.

Sure you can minimize risk which I think you are doing but be careful about absolutes......

What is the application by the way? Is there a database involved (even flat file)?

***cacosapo*** · May 18th, 2005, 03:54 PM

your are taking this too seriously. Its just a job. I dont know there, but here is pretty common that a client ask me to do some kind of crap, such as "install AD on my 200 employee company using 3 domains and 3 forest because-i-know-that-is-the-best-config". If i cant convice the idiot that is a dumb idea, should i refuse to do the job? No way.
On every job i do my best, give some advice and warnings, send the report and bill. period.
I was just looking for other things that i may use to improve the crap that my client ordered.
No legal problems-- my client is aware that he is in trouble but -- he wants that and i think that i need to do my best, EVEN that the request is foolish.
"client is allways right" -- we use to say here

BTW, im trying Ammo solution with the demo provided and aparently is working,

**catch** · May 18th, 2005, 08:16 PM

If i cant convice the idiot that is a dumb idea, should i refuse to do the job? No way.

You need better negotiating skills.

cheers,

catch

***cacosapo*** · May 18th, 2005, 08:37 PM

You need better negotiating skills.

Nope, i need smart clients, but they are in extinction.

Ammo' solution looks to work fine, (tks again ammo) but:
a) client doesnt want to pay
b) client is affraid that application will crash because vendor cant guarantee that it will work forever...(man, tks God ihe will pay me good money or i swear that i will shot this guy)

So, i pointed on my report the problems of that solution, (including physical access), and what are the reasons that i cant solve them. Also i advice the client to try to change (with the vendor) the application to allow it to "fit" on best pratices. Ive closed the report and sent the bill.

Tks, guys for your support.
Now, next client

***ammo*** · May 19th, 2005, 03:17 AM

Haha! Client doesn't want to pay!? Man, a single license of that util only costs 80 bucks. This can only mean that you're doing something wrong... dude, you're not charging him enough!!!

Ammo

Thread: How secure will be this configuration?

Thread Tools

Display

Posting Permissions